// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1543

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2025-47813	Wing FTP Server Wing FTP Server	MEDIA	2026-03-16
CVE-2026-3910	Google Chromium V8	ALTA	2026-03-13
CVE-2026-3909	Google Skia	ALTA	2026-03-13
CVE-2025-68613	n8n n8n	CRÍTICA	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	ALTA	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	CRÍTICA	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	ALTA	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	CRÍTICA	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	CRÍTICA	2026-03-05
CVE-2023-43000	Apple Multiple Products	ALTA	2026-03-05

// top_vendors_afectados

Microsoft

14

Apple

6

Google

5

Cisco

4

Fortinet

4

SolarWinds

3

Broadcom

3

SmarterTools

3

Gladinet

3

Ivanti

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2024-32113	Apache OFBiz	Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.	CRÍTICA	2024-08-07
CVE-2024-36971	Android Kernel	Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability r…	ALTA	2024-08-07
CVE-2018-0824	Microsoft Windows	Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalati…	ALTA	2024-08-05
CVE-2024-37085	VMware ESXi	VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) pe…	MEDIA	2024-07-30
CVE-2023-45249	Acronis Cyber Infrastructure (ACI)	Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of defaul…	CRÍTICA	2024-07-29
CVE-2024-5217	ServiceNow Utah, Vancouver, and Washington DC Now Platform	ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs …	CRÍTICA	2024-07-29
CVE-2024-4879	ServiceNow Utah, Vancouver, and Washington DC Now Platform	ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in…	CRÍTICA	2024-07-29
CVE-2024-39891	Twilio Authy	Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to acc…	MEDIA	2024-07-23
CVE-2012-4792	Microsoft Internet Explorer	Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary …	ALTA	2024-07-23
CVE-2022-22948	VMware vCenter Server	VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged att…	MEDIA	2024-07-17
CVE-2024-28995	SolarWinds Serv-U	SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the…	ALTA	2024-07-17
CVE-2024-34102	Adobe Commerce and Magento Open Source	Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerabi…	CRÍTICA	2024-07-17
CVE-2024-36401	OSGeo GeoServer	OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability …	CRÍTICA	2024-07-15
CVE-2024-23692	Rejetto HTTP File Server	Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerabilit…	CRÍTICA	2024-07-09
CVE-2024-38080	Microsoft Windows	Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissi…	ALTA	2024-07-09
CVE-2024-38112	Microsoft Windows	Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrit…	ALTA	2024-07-09
CVE-2024-20399	Cisco NX-OS	Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenti…	MEDIA	2024-07-02
CVE-2020-13965	Roundcube Webmail	Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data …	MEDIA	2024-06-26
CVE-2022-2586	Linux Kernel	Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges…	MEDIA	2024-06-26
CVE-2022-24816	OSGeo JAI-EXT	OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle scri…	CRÍTICA	2024-06-26
CVE-2024-4358	Progress Telerik Report Server	Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to ob…	CRÍTICA	2024-06-13
CVE-2024-26169	Microsoft Windows	Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local a…	ALTA	2024-06-13
CVE-2024-32896	Android Pixel	Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.	ALTA	2024-06-13
CVE-2024-4577	PHP Group PHP	PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for ar…	CRÍTICA	2024-06-12
CVE-2024-4610	Arm Mali GPU Kernel Driver	Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged u…	ALTA	2024-06-12

← Anterior Página 17 / 62 (1543 CVEs total) Siguiente →